68a07bef56cb66e2a23c0944f9ac3ac8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68a07bef56cb66e2a23c0944f9ac3ac8_JaffaCakes118
Size

168KB
MD5

68a07bef56cb66e2a23c0944f9ac3ac8
SHA1

f5de1810ea088c64a823a8c60c769366c5d35ec1
SHA256

3b748c0925892d3dcfe64a81ae7ba3356351495a0bcfc50e43d4f9a353683aa9
SHA512

6120cab841eaa7fbbf7124e7e06bcd172e484ad1ab787b7757359a5cb4cb92aade8c38dff35799cc16b07c0eafcd4ed446eaacc2ad3fdf7b27522c8421042983
SSDEEP

3072:VrO5tT5zzx951Z+9fIJ68qlwrawlaX384Mcse3mzbMCMkU/skqUB+Ch:c515zzBJNqulcBCWmzIClUZB+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68a07bef56cb66e2a23c0944f9ac3ac8_JaffaCakes118

Files

68a07bef56cb66e2a23c0944f9ac3ac8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6709ac7fbb5fe0def02a6b0d55c7cda3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\pelaMxatKXmNP\XJjetgwRv\tkqGnomQfvr.pdb

Imports

gdi32

GetPixel
GetTextMetricsW
CreateFontW
SetTextColor
MoveToEx
GetFontData
RestoreDC
CreateEllipticRgnIndirect
CreateCompatibleBitmap
SelectPalette
GetBkMode
BitBlt
CreateHalftonePalette
CreateDCW
SetRectRgn
SetViewportOrgEx
CreateSolidBrush
GetRgnBox
SetWindowExtEx

kernel32

IsBadStringPtrW
CreateMutexA
OpenSemaphoreW
SetEndOfFile
LoadLibraryExA
GetSystemDirectoryW
ClearCommBreak
ExitProcess
OpenFileMappingW
LoadLibraryA
PulseEvent
GetFullPathNameW
QueryPerformanceCounter
WaitForSingleObject
HeapAlloc
CompareStringW
OpenEventA
GetFileInformationByHandle
lstrcatW
DeleteCriticalSection
QueryDosDeviceW
HeapLock

user32

IsDlgButtonChecked
CopyImage
EnableMenuItem
GetSubMenu
GetWindowLongA
GetForegroundWindow
LoadIconW
GetMenuItemCount
GetDlgItem
GetMonitorInfoW
PostMessageA
GetMessageW
IsCharAlphaW
PostThreadMessageW
DefWindowProcA
GetCaretPos
SetParent
KillTimer
GetNextDlgGroupItem
FindWindowExW
ShowCursor
OpenIcon
SendMessageTimeoutW
CreateIconIndirect
MonitorFromPoint
GetSystemMenu
LoadImageW
GetScrollPos
GetKeyboardLayoutList
DrawStateA
ExitWindowsEx
IsCharAlphaNumericW
IsZoomed
ChildWindowFromPoint
IsCharLowerA
CreatePopupMenu
ShowOwnedPopups
ScrollWindowEx
GetSysColorBrush
SetClassLongW
DefFrameProcW
wsprintfA
MessageBoxW
GetClassLongA
LoadAcceleratorsA
InflateRect
IntersectRect

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
isalpha
_amsg_exit
strstr
_initterm
wcscspn
_acmdln
remove
exit
fputs
_ismbblead
_XcptFilter
wcstod
_exit
strchr
fflush
wcscmp
fwrite
srand
_cexit
strcoll
wcsrchr
__setusermatherr
__getmainargs

shlwapi

StrToInt64ExA
PathRemoveBlanksW

comdlg32

GetSaveFileNameA
FindTextW

Exports

Exports

?DeleteMessageW@@YGPAFPADHJ&U
?CopyList@@YGINIE&U
?FindCommandLineOriginal@@YGKPADH&U
?ValidatePointerOriginal@@YG_NNMFI&U
?EnumTaskExA@@YGXHFPAF&U
?FreeVersionOld@@YGPAFPAKPADPAD&U
?SetObjectA@@YGKI&U
?InstallValueExW@@YGFPAIPAGGI&U
?FormatAnchorW@@YG_NFE&U
?DeleteHeader@@YGNPAGPAFF&U
?CallSizeW@@YGNGPAHI&U
?EnumMediaTypeEx@@YGPAEG&U
?GetFilePath@@YGMK&U
?PutObjectOld@@YGGHMKG&U
?ValidateObjectA@@YGHHEPAKPAD&U
?ShowDataOriginal@@YGGKPAGPAH&U
?DecrementWidth@@YGHPAI&U
?RemoveEventW@@YGHF&U
?InstallComponentA@@YGMG&U
?PutPathExA@@YGPAXPAIDG&U
?DecrementWindowInfoExA@@YGPAIPAJ_NKK&U
?ShowArgumentExA@@YGNPAIPAN&U
?InvalidateTimeExW@@YGPAKPADPAN&U
?SendKeyboardExA@@YGMIPAF&U
?SendListExA@@YGEPAKEJ&U
?RemoveDeviceExW@@YGPAGGF&U
?SubDevModuleUDyiuhkj@@YGKPA_WGH@Z
?HideNameExA@@YGPAFPAFJPAI&U
?IsKeyboardNew@@YGXHPAKHPAE&U
?ValidateValueOriginal@@YG_NPAFF&U
?IsFileNew@@YGXIEJK&U
?RtlTextExW@@YGPAXPADPAHK_N&U
?SetDeviceA@@YGPAHPANDPA_NM&U
?DeleteDateTimeNew@@YGMEDPAG&U
?IsNotMutant@@YGDKPANID&U
?FreeComponentW@@YGXGPAKGI&U
?IsNotTimeEx@@YGKHHPAJ&U
?InvalidateAppNameOriginal@@YGKE&U
?CancelPointerW@@YGPAJHKI&U
?ShowClassOld@@YGFH&U
?CallScreenExA@@YGPAXPAK&U
?CancelTimeA@@YGPAKHFMPAH&U
?DecrementHeightExA@@YGNPAEG&U
?DeleteHeight@@YGPAKJ_NHD&U
?InsertObjectOriginal@@YGPAXNFPAI&U
?ModifyWidthExW@@YGPAKE&U
?SendProcessNew@@YGKI&U
?InstallWidthOld@@YGPAXPAHFJ&U
?DeleteHeightA@@YGXGPAD&U
?IncrementArgumentExA@@YGGGF&U
?ShowListItemEx@@YGPAXN&U
?CallFolderPathOriginal@@YGMPA_N&U
?FormatFolderA@@YGGKE&U
?RtlDateTimeW@@YGIDPAFM_N&U
?FindSemaphoreExA@@YGFDPAM_N&U
?IsNotDateTimeW@@YGPAGPAKKM&U
?AddFileExA@@YGHDKJ&U
?SendFileNew@@YGDK&U
?DeleteState@@YGXII&U
?DeleteDeviceA@@YGXEG&U
?EnumHeightNew@@YGPAXPAH&U
?CrtHeaderNew@@YGDPAK&U
?IsNotPenA@@YGPAXKPAJ&U
?InvalidateFilePath@@YGPAFHEPADPAE&U
?RtlMonitorExA@@YG_NFE&U
?FreeProfile@@YGDHPAJI&U
?InstallWidthA@@YGKH&U
?AppName@@YGMHPADPAF&U
?InsertModuleW@@YGXMK&U
?FreeValueOld@@YGKPAJ&U
?GlobalAppNameOld@@YGGDD&U
?LoadVersion@@YGXPAG&U
?IsValidModuleA@@YGHG&U
?SetAppNameOld@@YGFPAJIPA_NPAI&U
?SetCharOriginal@@YGPAEE_NIE&U
?GenerateStateExA@@YGXDE_NK&U
?GenerateProjectOriginal@@YGXPAHJ&U
?DecrementDataExA@@YGEDPAMHG&U
?GlobalObjectNew@@YGNGFHH&U
?ShowChar@@YGPAJMPAEPAJPAG&U
?InvalidateRectEx@@YGJPAHJJD&U
?HideClassA@@YGJIFH&U
?GlobalFolderW@@YGDI&U
?IsValidTextW@@YGXPAH&U
?ValidatePointExA@@YGGPAJ&U
?ShowTimerExA@@YGIH&U
?HideFileW@@YGNEM&U
?InvalidateSizeOriginal@@YGPAXKJGG&U
?OnWindowInfoExW@@YGHKEM&U
?InsertPointerEx@@YGXEFD&U
?LoadFullNameExA@@YGXDPAH&U
?CloseProfileEx@@YGIHEPA_N&U
?InstallSize@@YGPANPAGPAD&U
?IncrementStateNew@@YGMJG&U
?VersionW@@YGPAJE&U
?IsListItemOld@@YG_NPAGIPAMH&U
?EnumMediaTypeA@@YGGPADDJJ&U
?IncrementTaskA@@YGDGGPAEM&U
?InvalidateSizeExA@@YGPAHKPAFM&U
?GetSemaphore@@YGMPAHPAIF&U
?FreeSystemExA@@YGIPADPAF&U
?RemoveComponentNew@@YGPAMMJ&U
?CrtEventExA@@YGPAKPAJ_N&U
?DeleteDataExW@@YGXKI&U
?FindTaskNew@@YGNK&U
?InvalidateHeaderA@@YGIPADHHE&U
?CancelTimer@@YGKFPAHPADPAG&U
?AddFolderPathEx@@YGXDFGM&U
?IsNotCommandLineW@@YGPAXII_NJ&U
?GetArgumentExW@@YGPAXPA_NPAJPA_N&U
?RtlFolderPathNew@@YGDPAK&U
?IsValidHeightEx@@YGG_NKIPAM&U
?AddDataExA@@YGJPAFD&U
?CrtStateA@@YGFG_NPAGG&U
?RectNew@@YGD_NE&U
?CallValueExW@@YGPADEGJ&U
?SendSizeW@@YGPAJ_NPAIPADK&U
?IsNotSemaphoreNew@@YGEJPAIJI&U
?FormatCharExW@@YGHPAJEDK&U
?PutEventExA@@YGPAJKFPAF&U
?DeleteHeightOriginal@@YGIJMPADD&U
?HideProfile@@YGJPAFEPAF&U
?GenerateListExA@@YGKE&U
?OnMonitorOriginal@@YGKEM&U
?GenerateArgumentOld@@YGKMPAHPAN&U
?CallFileW@@YGXPAMPAG&U
?ShowDirectoryOriginal@@YGXM&U
?IsValidFileA@@YGGFEPAI&U
?EnumKeyboardExA@@YGXPAENM&U
?DeleteTimeOriginal@@YGHJ&U
?SetWindowInfoNew@@YGKGPADH&U
?ModifySemaphoreA@@YGJK&U
?CopyProjectNew@@YGPAFEPAMPAMD&U
?DecrementProjectA@@YGMM_NJPAK&U
?LoadTaskA@@YGPANPAHPAM&U
?DataA@@YGPAFD&U
?KillFile@@YGFJJ&U
?DeleteNameExW@@YGXNE&U
?KillMutexA@@YGPAHPAE&U
?DeleteDirectoryNew@@YGIMN&U
?OnArgumentW@@YGFNMK&U
?ShowMutexEx@@YGGE&U
?GlobalKeyName@@YGPAJPAKF&U
?InsertMutexExW@@YGNFKPAG&U
?CloseTime@@YGNEPAKF&U
?InsertConfigNew@@YGKPAIM&U
?OnMutantEx@@YGPAEPAMPAIPAIPAH&U
?InvalidateRectExW@@YGIPAFEKI&U
?PutDateTimeOriginal@@YGXN&U
?AddPathEx@@YGPAIPAMPAK&U
?CancelClassOriginal@@YGPA_NPADPAHIPA_N&U

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.simp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stit
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.set
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdbg
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvar
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 512B - Virtual size: 493B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.raw
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6709ac7fbb5fe0def02a6b0d55c7cda3

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

shlwapi

comdlg32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.simp Size: 3KB - Virtual size: 2KB

.dbug Size: 512B - Virtual size: 28B

.stit Size: 1024B - Virtual size: 532B

.set Size: 6KB - Virtual size: 5KB

.sdbg Size: 512B - Virtual size: 67B

.dvar Size: 512B - Virtual size: 44B

.dpt Size: 512B - Virtual size: 493B

.wdata Size: 1024B - Virtual size: 724B

.data Size: 2KB - Virtual size: 1KB

.raw Size: - Virtual size: 125KB

.rsrc Size: 129KB - Virtual size: 128KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.simp
Size: 3KB - Virtual size: 2KB

.dbug
Size: 512B - Virtual size: 28B

.stit
Size: 1024B - Virtual size: 532B

.set
Size: 6KB - Virtual size: 5KB

.sdbg
Size: 512B - Virtual size: 67B

.dvar
Size: 512B - Virtual size: 44B

.dpt
Size: 512B - Virtual size: 493B

.wdata
Size: 1024B - Virtual size: 724B

.data
Size: 2KB - Virtual size: 1KB

.raw
Size: - Virtual size: 125KB

.rsrc
Size: 129KB - Virtual size: 128KB

.reloc
Size: 1KB - Virtual size: 1KB